[23505] in bugtraq
Re: CERT Advisory CA-2001-34 Buffer Overflow in System V Derived Login
daemon@ATHENA.MIT.EDU (Scott Howard)
Fri Dec 14 17:44:38 2001
Date: Sat, 15 Dec 2001 06:33:14 +1100
From: Scott Howard <scott@doc.net.au>
To: bugtraq@securityfocus.com
Message-ID: <20011215063314.A5719@milliways.doc.net.au>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CA-2001-34.1@cert.org>; from cert-advisory@cert.org on Wed, Dec 12, 2001 at 06:12:36PM -0500
On Wed, Dec 12, 2001 at 06:12:36PM -0500, CERT Advisory wrote:
> Sun Microsystems
>
> Sun has developed a fix and T-patches are being tested. Official
> patches will be released shortly and Sun will issue a Sun Security
> Bulletin when they are available.
These patches are now available. The relevant patch numbers are :
111085-02 SunOS 5.8: /usr/bin/login patch
111086-02 SunOS 5.8_x86: /usr/bin/login patch
112300-01 SunOS 5.7:: usr/bin/login Patch
112301-01 SunOS 5.7_x86:: usr/bin/login Patch
105665-04 SunOS 5.6: /usr/bin/login patch
105666-04 SunOS 5.6_x86: /usr/bin/login patch
106160-02 SunOS 5.5.1: /usr/bin/login patch
106161-02 SunOS 5.5.1_x86: /usr/bin/login patch
At this stage these no not appear to be free patches (ie, you need a contract
to get to them), although I expect this will change.
Scott
